author | zeripath <art27@cantab.net> | 2020-12-13 00:01:44 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-12-13 01:01:44 +0100 |
commit | 8e8e8ee150a70e882bf4661fab84382befe29ac0 (patch) | |
tree | 6a3ea4a3ead17a160b2b7fa577cd357d23331e4d | |
parent | 05ee88e576ba922460924d2cb9df4a9d98767664 (diff) | |
Whenever the password is updated ensure that the hash algorithm is too (#13966) (#13967)
Backport #13966
`user.HashPassword` may potentially - and in fact now likely does - change
the `passwd_hash_algo`; therefore, whenever the `passwd` is updated, the
`passwd_hash_algo` also needs to be updated.
Fix #13832
Thanks @fblaese for the hint
Signed-off-by: Andrew Thornton <art27@cantab.net>
-rw-r--r-- | cmd/admin.go | 2 | ||||
-rw-r--r-- | routers/user/auth.go | 4 | ||||
-rw-r--r-- | routers/user/setting/account.go | 2 |
3 files changed, 4 insertions, 4 deletions
diff --git a/cmd/admin.go b/cmd/admin.go
index 9f81f5284d..597aeb8eb1 100644
--- a/cmd/admin.go
+++ b/cmd/admin.go
@@ -283,7 +283,7 @@ func runChangePassword(c *cli.Context) error {
 }
 user.HashPassword(c.String("password"))
- if err := models.UpdateUserCols(user, "passwd", "salt"); err != nil {
+ if err := models.UpdateUserCols(user, "passwd", "passwd_hash_algo", "salt"); err != nil {
 return err
 }
diff --git a/routers/user/auth.go b/routers/user/auth.go
index 02cebe6a0e..893cad09be 100644
--- a/routers/user/auth.go
+++ b/routers/user/auth.go
@@ -1496,7 +1496,7 @@ func ResetPasswdPost(ctx *context.Context) {
 }
 u.HashPassword(passwd)
 u.MustChangePassword = false
- if err := models.UpdateUserCols(u, "must_change_password", "passwd", "rands", "salt"); err != nil {
+ if err := models.UpdateUserCols(u, "must_change_password", "passwd", "passwd_hash_algo", "rands", "salt"); err != nil {
 ctx.ServerError("UpdateUser", err)
 return
 }
@@ -1572,7 +1572,7 @@ func MustChangePasswordPost(ctx *context.Context, cpt *captcha.Captcha, form aut
 u.HashPassword(form.Password)
 u.MustChangePassword = false
- if err := models.UpdateUserCols(u, "must_change_password", "passwd", "salt"); err != nil {
+ if err := models.UpdateUserCols(u, "must_change_password", "passwd", "passwd_hash_algo", "salt"); err != nil {
 ctx.ServerError("UpdateUser", err)
 return
 }
diff --git a/routers/user/setting/account.go b/routers/user/setting/account.go
index 9b72e2a31a..4fb2e4be40 100644
--- a/routers/user/setting/account.go
+++ b/routers/user/setting/account.go
@@ -68,7 +68,7 @@ func AccountPost(ctx *context.Context, form auth.ChangePasswordForm) {
 return
 }
 ctx.User.HashPassword(form.Password)
- if err := models.UpdateUserCols(ctx.User, "salt", "passwd_hash_algo", "passwd"); err != nil {
+ if err := models.UpdateUserCols(ctx.User, "salt", "passwd_hash_algo", "passwd"); err != nil {
 ctx.ServerError("UpdateUser", err)
 return
 }
|
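Review bot: The set of columns that has to be persisted after `HashPassword` is still spelled out by hand at every call site, in `runChangePassword` here and again in `ResetPasswdPost`, `MustChangePasswordPost` and `AccountPost`, which is the arrangement that let `passwd_hash_algo` be left out in the first place. Since `HashPassword` decides which fields change, one helper beside it that hashes and then writes the password columns would keep the stored hash and its algorithm label from drifting apart the next time a field is added; until then each call deserves a comment such as `// HashPassword also sets passwd_hash_algo; persist it together with passwd and salt`. None of the hunks adds a regression test, so a check that the persisted `passwd_hash_algo` matches the hash after each of these four flows would be worth adding. As far as the hunks show, rows written before this fix are not repaired, so accounts whose password was changed in that window presumably still need a reset. All four function bodies start and end outside their hunks.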